Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Access Restriction Bypass
drupal/drupal >=8.0.0, <8.1.0,>=8.1.0, <8.2.0,>=8.2.0, <8.3.0,>=8.3.0, <8.4.0,>=8.4.0, <8.5.0,>=8.5.0, <8.6.0,>=8.6.0, <8.7.0,>=8.7.0, <8.8.0,>=8.8.0, <8.8.10,>=8.9.0, <8.9.6,>=9.0.0, <9.0.6 Composer 18 Sep, 2020
  • M
Information Disclosure
drupal/drupal >=8.0.0, <8.1.0,>=8.1.0, <8.2.0,>=8.2.0, <8.3.0,>=8.3.0, <8.4.0,>=8.4.0, <8.5.0,>=8.5.0, <8.6.0,>=8.6.0, <8.7.0,>=8.7.0, <8.8.0,>=8.8.0, <8.8.10,>=8.9.0, <8.9.6,>=9.0.0, <9.0.6 Composer 18 Sep, 2020
  • H
Cross-site Scripting (XSS)
drupal/drupal >=8.0.0, <8.1.0,>=8.1.0, <8.2.0,>=8.2.0, <8.3.0,>=8.3.0, <8.4.0,>=8.4.0, <8.5.0,>=8.5.0, <8.6.0,>=8.6.0, <8.7.0,>=8.7.0, <8.8.0,>=8.8.0, <8.8.10,>=8.9.0, <8.9.6,>=9.0.0, <9.0.6 Composer 18 Sep, 2020
  • H
Cross-site Scripting (XSS)
drupal/drupal >=8.0.0, <8.1.0,>=8.1.0, <8.2.0,>=8.2.0, <8.3.0,>=8.3.0, <8.4.0,>=8.4.0, <8.5.0,>=8.5.0, <8.6.0,>=8.6.0, <8.7.0,>=8.7.0, <8.8.0,>=8.8.0, <8.8.10,>=8.9.0, <8.9.6,>=9.0.0, <9.0.6 Composer 18 Sep, 2020
  • M
Cross-site Scripting (XSS)
drupal/drupal >=7.0.0, <7.73,>=8.0.0, <8.1.0,>=8.1.0, <8.2.0,>=8.2.0, <8.3.0,>=8.3.0, <8.4.0,>=8.4.0, <8.5.0,>=8.5.0, <8.6.0,>=8.6.0, <8.7.0,>=8.7.0, <8.8.0,>=8.8.0, <8.8.10,>=8.9.0, <8.9.6,>=9.0.0, <9.0.6 Composer 18 Sep, 2020
  • H
Remote Code Execution (RCE)
yiisoft/yii2 <2.0.38 Composer 16 Sep, 2020
  • H
Cross-site Scripting (XSS)
prestashop/contactform >1.0.1, <4.3.0 Composer 16 Sep, 2020
  • M
Cross-site Scripting (XSS)
ezsystems/ezplatform-admin-ui-assets >=4.2.0, <4.2.1,>=5.0.0, <5.0.1,>=5.1.0, <5.1.1 Composer 14 Sep, 2020
  • M
Cross-site Scripting (XSS)
ezsystems/platform-ui-assets-bundle >=4.2.0, <4.2.3 Composer 11 Sep, 2020
  • M
Cross-site Scripting (XSS)
ezsystems/ezplatform-admin-ui-assets >=4.2.0, <4.2.1,>=5.0.0, <5.0.1,>=4.2.0, <4.2.3 Composer 11 Sep, 2020
  • M
Improper Input Validation
personnummer/personnummer <3.0.2 Composer 10 Sep, 2020
  • H
Remote Code Execution (RCE)
concrete5/concrete5 <8.5.3 Composer 06 Sep, 2020
  • H
Improper Input Validation
laravel/laravel <6.18.35,>=7.0.0, <7.24.0. Composer 04 Sep, 2020
  • M
Improper Input Validation
laravel/laravel <6.18.34,>=7.0.0, <7.23.2 Composer 04 Sep, 2020
  • H
Improper Access Control
derhansen/sf_event_mgt <4.3.1,>=5.0.0, <5.1.1 Composer 03 Sep, 2020
  • H
Arbitrary File Upload
dolibarr/dolibarr <11.0.5 Composer 03 Sep, 2020
  • M
Information Disclosure
localizationteam/l10nmgr <7.4.0,>=8.0.0, <8.7.0,>=9.0.0, <9.2.0 Composer 03 Sep, 2020
  • H
Remote Code Execution (RCE)
symphony/symphony >=4.3.0, <4.4.0,>=4.4.0, <4.4.13,>=5.0.0, <5.1.0,>=5.1.0, <5.1.5 Composer 02 Sep, 2020
  • H
Remote Code Execution (RCE)
symfony/http-client >=4.3.0, <4.4.0,>=4.4.0, <4.4.13,>=5.0.0, <5.1.0,>=5.1.0, <5.1.5 Composer 02 Sep, 2020
  • H
Cross-site Scripting (XSS)
baserproject/basercms >=3.0.10, <4.3.7 Composer 02 Sep, 2020
  • H
Cross-site Scripting (XSS)
baserproject/basercms >=4.0.0, <4.3.7 Composer 30 Aug, 2020
  • H
Cross-site Scripting (XSS)
baserproject/basercms >=4.0.0, <4.3.7 Composer 30 Aug, 2020
  • H
Server-side Request Forgery (SSRF)
codiad/codiad >=0.0.0 Composer 26 Aug, 2020
  • M
Cross-site Request Forgery (CSRF)
codiad/codiad >=0.0.0 Composer 26 Aug, 2020
  • H
Cross-site Scripting (XSS)
codiad/codiad >=0.0.0 Composer 26 Aug, 2020
  • M
Insecure Direct Object Reference
magento/community-edition >=2.1.0, <2.1.17,>=2.2.0, <2.2.8,>=2.3.0, <2.3.1 Composer 25 Aug, 2020
  • H
Remote Code Execution (RCE)
magento/community-edition >=2.3.0, <2.3.3 Composer 25 Aug, 2020
  • M
Privilege Escalation
dolibarr/dolibarr <11.0.5 Composer 23 Aug, 2020
  • M
Cross-site Request Forgery (CSRF)
openmage/magento-lts <19.4.6,>=20.0.0, <20.0.2 Composer 20 Aug, 2020
  • M
Access Restriction Bypass
phpbb/phpbb <3.2.10,>=3.3.0, <3.3.1 Composer 19 Aug, 2020